Can't SSH to dropbear.

juan

Hi, i'm running Debian6 and followed this setup lowendvpsconfig. After the setup, my vps ran for 20+ days, until later this day there have been a downtime. So i rebooted my server, and i can't putty to my vps anymore. Although i can access it thru VNC and i already tried to restart dropbear and reboot the vps too.

Running netcat to dropbear port, I get

nc localhost port SSH-2.0-dropbear_0.52

I also have tried to flush my iptables for ip blockage. What else could i be missing here? Thanks.

zhuanyi

Last time I had it was because I messed up with my network interfaces, check ifconfig and see if you have your public IP address listed somewhere there, it should be venet0 or venet0:0 for OVZ and eth0 for KVM.

AsadHaider

Is dropbear listening on your public IP?

juan

I'm on KVM, and this is my ifconfig

ifconfig

eth0 Link encap:Ethernet HWaddr 00:17:3c:e5:5d:e0 inet addr:xxx.xxx.xxx.xxx Bcast:xxx.xxx.xxx.xxx Mask:255.2555.2555.0

do i change the listening address from the only_from option?

socket_type = stream only_from = 0.0.0.0 wait = no user = root protocol = tcp server = /usr/sbin/dropbear server_args = "-i -g" disable = no type = unlisted

I'll list my rules for SSH on iptables if this could help

-A INPUT -p tcp -m tcp --dport 222 -m state --state NEW -m recent --set --name DEFAULT --rsource -A INPUT -p tcp -m tcp --dport 222 -m state --state NEQ -m recent --update --seconds 180 --hitcount 2 --name DEFAULT --rsource -j DROP -A INPUT -p tcp -m state --state NEW --dport 222 -j ACCEPT

cosmicgate

Is dropbear better than openssh?

juan

better for low end vps, i guess. It uses less memory.

AsadHaider

@juan Try running this and posting the output. I don't use debian much.

http://www.debian-administration.org/articles/184

@cosmicgate Just uses less memory I think, so it's good for the 32/64mb LEBs.

juan

:~# netstat -a | grep LISTEN | grep -v unix tcp 0 0 localhost:mysql : LISTEN tcp 0 0 localhost:spamd : LISTEN tcp 0 0 :imap2 *: LISTEN tcp 0 0 :ssh *: LISTEN

Anyway, my host is down again right now so i can't do anything. Now i wonder if my provider may be the culprit of whats causing this?

Nick

@cosmicgate said: Is dropbear better than openssh?

Nope. It is slower, has less features, development is few and far between, has gone periods where there were no security updates for years. I don't see the point in putting my server at risk to save a few hundred KB of RAM at most.

netomx

@Nick said: few hundred KB of RAM at most

it is like almost 2mb per connection

Nick

@netomx said: it is like almost 2mb per connection

If you are running some sort of shell account service then that would make a lot of sense as the RAM usage would add up quickly. It's all personal preference really, but I don't squeeze my VPS so much that I don't have 2MB of RAM to spare for an SSH connection.

George_Fusioned

From what you've posted so far I can see that dropbear is running on port 22 while you're iptables rules are for port 222. Also your netmask on your ifconfig output shows 255.2555.2555.0

Either the above are copy/paste typos, or something is messed up on your config.

rajprakash

Yea something looks weird. Did you recently upgrade the system or something? I've had that same config running for years now (literally). Still chugging along.

Kairus

@Nick said: It is slower

Hmm, I've always felt like it was faster.

George_Fusioned

@juan so, did you get your issue resolved?

netomx

@Nick said: but I don't squeeze my VPS so much that I don't have 2MB of RAM to spare for an SSH connection.

Well, it is just some kind of try to squeeze all that you can :P

Soylent

@Nick said: I don't see the point in putting my server at risk to save a few hundred KB of RAM at most.

By which you mean 6-7MB. I stripped a BuyVM 128OVZ running Debian 6 down as far as I could with only syslog, cron, and openssh running. 13MB in use. Switched to dropbear and got it down to 6MB.

Of course it has less features. That's how it uses a fraction of the RAM. I for one don't need those features (tunneling and whatnot). All I need is the ability to restrict root logins and use pubkey auth. My dropbear.conf is 3 lines. Claiming it's slower is just ridiculous. It's a remote shell. What exactly are you expecting?

It's not for everyone, but don't act like the memory savings is totally insignificant in the context of LEBs.

juan

@Fusioned_George : Not yet, I'm still waiting for my vps to turn back up. The provider is migrating all VPS to a new location. I'll update this thread as soon as possible.

Nick

@Soylent said: It's not for everyone, but don't act like the memory savings is totally insignificant in the context of LEBs.

I'm just drawing conclusions based off my own testings with Dropbear. It's not scientific, it's anecdotal, but that's what I experienced.